package com.myebills.ebpsfrontend.cust.controller;

import com.ibm.logging.ILogger;
import com.ibm.logging.IRecordType;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Base class for all servlets that require user to be logged on.
 */
public abstract class EbppxSessionServlet extends EbppxServlet {

    /**
     * If user is not logged on,
     * redirect to logon failure page (set by an initialization parameter);
     * otherwise, call <code>doSession</code>.
     * <p>
     * A user is considered to be logged on if there is a session
     * and the session contains <em>either</em>
     * an instance of <code>com.checkfree.isolutions.customer.User</code>
     * as an attribute (keyed by <code>EbppxConstants.CFI_USER</code>)
     * <em>or</em>
     * an instance of <code>com.checkfree.isolutions.customer.Account</code>
     * as an attribute (keyed by <code>EbppxConstants.CFI_ACCOUNT</code>).
     */
    protected final void doRequest(
    HttpServletRequest req,
    HttpServletResponse res
    ) throws java.io.IOException, javax.servlet.ServletException {
        final String fName = "doRequest";
        ILogger trcLogger = getTraceLogger(req);

        if (trcLogger.isLogging())
            trcLogger.entry(IRecordType.TYPE_INFO, this, fName);

        // Initially assume OK, then change if a problem is found.
        boolean ok = true;

        final HttpSession session = req.getSession(false);
        if (session == null) {
            ok = false;
        }

        if (ok) {
                /* original code
                Object loggedOnUser    = session.getAttribute(EbppxConstants.CFI_USER);
                Object loggedOnAccount = session.getAttribute(EbppxConstants.CFI_ACCOUNT);

                if ((loggedOnUser == null) && (loggedOnAccount == null)) {
                    ok = false;
                } */
                System.out.println("Checking if user is logged on");

                if (session.getAttribute(EbppxConstants.USER_LOGGED_ON)==null) {
                    ok = false;
                }

                System.out.println("The user is logged on");
        }

        if (! ok) {
            redirectToMappedUrl(
            req,
            res,
            EbppxConstants.URL_LOGON_FAILURE_PARAM,
            EbppxConstants.MESSAGE_0
            + "="
            + java.net.URLEncoder.encode("Your session timed out or is invalid")
            );
            return;
        }

        try {
            doSession(req, res);
        } catch (ServletException e) {
            // Just re-throw these
            throw e;
        } catch (Throwable t) {
            throw new ServletException(t.toString(), t);
        }

        if (trcLogger.isLogging())
            trcLogger.exit(IRecordType.TYPE_INFO, this, fName);
    }

    /**
     * Override to process a request that requires a valid session with an instance of
     * <code>com.checkfree.isolutions.customer.User</code>
     * (or <code>com.checkfree.isolutions.customer.Account</code>).
     *
     * @param   req the request instance provided by the servlet engine.
     *
     * @param   res the response instance provided by the servlet engine.
     */
    protected abstract void doSession(
    HttpServletRequest req,
    HttpServletResponse res)
    throws java.io.IOException, javax.servlet.ServletException;
}